US20150112872A1 - System and method for guided passcode entry - Google Patents
System and method for guided passcode entry
- Publication number
- US20150112872A1 (US14/060,726)
- Authority
- US
- United States
- Prior art keywords
- user
- input
- passcode
- randomized
- prescribed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
- G07F7/1033—Details of the PIN pad
- G07F7/1041—PIN input keyboard gets new key allocation at each use
Definitions
- This specification relates to the field of secure computing systems and, in particular, to facilitating secure entry of passcodes for authentication, identification, or verification of an account holder.
- ATMs provide an interface that allows credit card and debit card users to receive and/or deposit funds.
- POS point-of-sale device
- a user typically provides a transaction card, such as a debit card and/or credit card having account information embedded therein.
- the account information can include a card number, the account holder's name, and the like.
- PIN personal identification number
- Fraudsters often attach scanning devices to an ATM to read a transaction card and record the embedded account information, and also obtain the user's PIN number by watching or recording video of the user entering the PIN on the ATM keypad. Once the fraudster has the account information and PIN, the fraudster has access to the user's account.
- other systems in which a user enters a password, PIN, log-in or other private information are similarly susceptible to fraud. For example, a fraudster can obtain a user's secure website log-in and password by watching the user input the private information on a computer.
- the method includes displaying a randomized input sequence on a screen of a terminal, such as an ATM or computing device.
- the method also includes receiving input data at the terminal from an account holder comprising characters of the passcode input in an order.
- the method also includes causing a test (e.g., a verification) of the input data against a database of passcodes associated with account holders.
- Each passcode associated with an account holder includes a plurality of prescribed passcode characters having a prescribed position in a prescribed input order.
- the testing step includes comparing the characters of the input data to a particular passcode associated with the account holder stored in the database.
- the input data is compared in accordance with the randomized input sequence, and in regard to the order that the input data was received.
- the method also includes advancing the secure transaction at the terminal in response to any exact match of the received input data to the particular passcode.
- the step of establishing the randomized input sequence can include generating the randomized input sequence at the terminal or at a remote server, using, for example, a pseudo-random number generator.
- the randomized input sequence is a randomly arranged sequence of digits in the range 1 to N, wherein N is the number of prescribed passcode characters and wherein each digit is equivalent to one of the prescribed positions in the prescribed input order.
- displaying the randomized input sequence can include iteratively displaying each of the digits according to the randomly arranged sequence. Accordingly the account holder is prompted to enter, for each of the displayed digits, a particular prescribed passcode character having a particular prescribed position that is equivalent to the displayed digit.
- FIG. 1 is a high-level diagram illustrating an exemplary electronic transaction system in accordance with at least one embodiment disclosed herein;
- FIG. 2 is a block diagram of a computing device in accordance with at least one embodiment disclosed herein;
- FIG. 3 is a flow diagram showing a routine that illustrates a broad aspect of a method for guided passcode entry in accordance with at least one embodiment disclosed herein;
- FIG. 4 depicts an exemplary display of a randomized input sequence on an ATM, in accordance with at least one embodiment disclosed herein;
- FIG. 5A depicts an exemplary display of a randomized input sequence on an ATM, in accordance with at least one embodiment disclosed herein;
- FIG. 5B depicts an exemplary display of a randomized input sequence on an ATM, in accordance with at least one embodiment disclosed herein.
- a passcode for example a personal identification number (“PIN”) in connection with a secure transaction.
- the exemplary guided passcode entry system provides additional security to traditional secret PIN or password entry systems by generating a randomized input sequence (order of entry) and prompting the user to input the PIN according to the randomized input sequence, and authorizes the transaction according to the received PIN. Accordingly, a fraudster who obtains the digits of a user's PIN will not automatically know the particular order of entry and cannot gain access to the user's account as easily as in traditional PIN entry systems.
- Transaction terminals implementing a user-account and secret PIN entry authorization process, including ATMs, point-of-sale systems, secure access points (e.g., electronically locked doors), and other computing devices, are widely implemented.
- the embodiments disclosed herein improve the security of using such terminals through modification of the PIN entry process, thereby providing improved security with a relatively low barrier to implementation.
- FIG. 1 depicts an exemplary computer implemented secure transaction system, which in this example is an ATM transaction system 100 (hereinafter “payment processing system 100”) that includes ATM terminals 110 (hereinafter “ATMs 110”), a payment network 120, and financial institution networks 140.
- the payment processing system 100 can facilitate ATM transactions initiated by users of the ATMs 110 .
- a user can present a transaction card to be read at one of the ATMs 110 and can interact with the ATM to carry out transactions for receiving funds dispensed from the ATM, depositing funds into the ATM, receiving balance or statement information, electronic transfers of funds between accounts, and the like.
- Transaction cards can include debit cards, credit cards or prepaid cards having account information embedded therein.
- the account information can include a card number, the account holder's name, a card verification code, and the like.
- a debit card is a transaction card issued for a demand deposit account.
- a credit card is a transaction card issued for a credit card account.
- a prepaid card is a transaction card issued for a pre-funded account.
- Transaction cards can be formed using, for example, a plastic card with a magnetic stripe embedded with account information disposed thereon. The magnetic stripes can be swiped at the ATM to allow the ATM to read the account information from the transaction cards.
- the ATMs 110 can be configured to facilitate ATM transactions via the payment network 120 and the financial institution networks 140 .
- the ATMs 110 read account information from transaction cards. To ensure that the user is the individual associated with the account information, the ATM can request the user to enter a personal identification number (PIN).
- the ATM can be configured to allow a user to submit transaction requests including cash withdrawals from accounts, cash or check deposits into accounts, fund transfers between accounts, balance inquiries for accounts, cash advances from accounts, and the like.
- the ATM transfers the transaction requests to the payment network 120 for processing.
- the payment network 120 is communicatively coupled to the ATMs and the financial institution networks 140 to facilitate processing of ATM transactions.
- the payment network 120 can route transaction requests from the ATMs 110 to the appropriate financial institution network based on the transaction information included in the transaction request and can route transaction responses from the financial institution network to the ATMs 110 .
- the payment network 120 can include debit switches 122 , which are electronic devices in the payment network 120 for routing ATM transaction requests and ATM transaction responses between the ATMs 110 and the financial institution networks 140 .
- the debit switches 122 interface with the ATMs 110 to provide initial processing of a transaction request by the payment network 120 and to forward a transaction response to the ATMs 110 .
- the debit switches 122 are configured to route the transaction requests through the payment network 120 and ultimately to the appropriate one of the financial institution networks 140 .
- the debit switches 122 can use transaction information included in the transaction request to determine how a transaction request should be routed. For example, the debit switches 122 can use at least a portion of the card number, such as a bank identification number (BIN), read from the user's transaction card by the ATM.
- a BIN typically includes the first six numbers of a transaction card number and can identify the financial institution that issued the transaction card, as well as the type of transaction card being used (e.g., credit, debit, prepaid).
- the debit switches 122 can use transaction routing tables and/or account association tables, which can be stored in the debit switches 122 and/or stored separate from the debit switches in one or more database devices 124 that are accessible by the debit switches 122, to determine the routing path and to determine to which one of the financial institution networks 140 the transaction requests should be routed.
- the transaction routing table can include route information identifying one or more routes a transaction request and/or transaction response can travel to reach a destination, such as a financial institution network or an ATM.
- the account association table can include account information, such as card numbers, account numbers, PINs, security codes, cardholder names, and the like. Accounts included in the account association table can allow a user to perform non-traditional ATM transactions.
- the financial institution networks 140 can include one or more servers 142 to receive and process the transaction requests routed to them from the payment network 120 , and to generate transaction responses to the transaction requests in accordance with rules and/or other predetermined parameters established by the financial institutions associated with the financial institution networks.
- the servers 142 are implemented using computing devices.
- cardholders can have accounts, such as demand deposit accounts 144 , including checking accounts and/or saving accounts, and/or can have credit card accounts 146 with one or more of the financial institutions associated with the financial institution networks 140 .
- the financial institution networks 140 can determine whether to process or deny/block the transaction requests received from the payment network 120 .
- the financial institution network 140 (or alternatively the payment network 120 ) can determine whether to process or deny the transaction request by verifying whether the entered PIN matches a prescribed PIN that is stored in association with the cardholder's account information.
- the prescribed PIN can be stored in one or more databases accessible by the financial institution network 140, for example, as an entry in an account association table. After the entered PIN is verified, the transaction request is further processed as would be understood by those skilled in the art. If the transaction is denied, a transaction response corresponding to the denial is transmitted to the ATM via the payment network 120.
- a transaction response corresponding to the acceptance is transmitted to the ATM via the payment network 120 .
- the financial institution can update the cardholder's account to reflect the transaction.
- the financial institution network can deduct the amount of the funds from the user's demand deposit account.
- Upon relaying the transaction response to the ATM, the ATM performs the service requested by the user, such as, for example, dispensing funds, accepting funds for deposit, providing an account balance, providing an account statement, and the like.
- FIG. 2 is a high-level diagram illustrating an exemplary configuration of a computing device 205 that facilitates guided passcode entry in conjunction with a secure transaction processing system, for example, payment processing system 100 .
- computing device 205 can be an ATM (e.g., ATM 110 in FIG. 1 ).
- computing device 205 can be a server (not shown) that is part of the payment network 120 or financial institution networks 140 .
- computing device can be a personal computing device of a user, a point of sale (POS) device, such as a merchant POS device, a laptop computer, or a mobile device/smartphone, though it should be understood that computing device 205 can be practically any computing device and/or data processing apparatus capable of embodying the systems and/or methods described herein. It should also be understood that the systems and methods described herein are not limited to transaction processing systems and can be implemented in any computing environment that requires securely receiving private information from a user, preferably, for the purpose of verifying, authenticating or identifying the user according to the private information. It should also be understood that a passcode can include any log-in, private word, private key, PIN number or any such private string of characters, words or phrases known by a user and used for authentication, verification or identification.
- Exemplary computing device 205 includes a processor 210 which is operatively connected to various hardware and software components that serve to enable operation of the payment processing system 100 .
- the processor 210 serves to execute instructions to perform various operations relating to guided passcode entry and transaction processing as will be described in greater detail below.
- the processor 210 can be a number of processors, a multi-processor core, or some other type of processor, depending on the particular implementation.
- a memory 220 and/or a storage medium 290 are accessible by the processor 210 , thereby enabling the processor 210 to receive and execute instructions stored on the memory 220 and/or on the storage 290 .
- the memory 220 can be, for example, a random access memory (RAM) or any other suitable volatile or non-volatile computer readable storage medium.
- the memory 220 can be fixed or removable.
- the storage 290 can take various forms, depending on the particular implementation.
- the storage 290 can contain one or more components or devices such as a hard drive, a flash memory, a rewritable optical disk, a rewritable magnetic tape, or some combination of the above.
- the storage 290 also can be fixed or removable.
- One or more software modules 230 are encoded in the storage 290 and/or in the memory 220 .
- the software modules 230 can comprise one or more software programs or applications having computer program code or a set of instructions executed in the processor 210 .
- Such computer program code or instructions for carrying out operations for aspects of the systems and methods disclosed herein can be written in any combination of one or more programming languages, as would be understood by those skilled in the art.
- the program code can execute entirely on the computing device 205 as a stand-alone software package, partly on the computing device 205 and partly on a remote computing device, such as a payment network 120 server or a financial institution network 140 server (not shown), or entirely on such remote servers.
- the remote computer can be connected to the computing device 205 through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection can be made to an external computer (for example, through the Internet using an Internet Service Provider).
- included among the software modules 230 are a user interface module 270, an input randomizer module 272, an authentication module 274, a database module 276, and a communication module 278 that are executed by the processor 210.
- one or more of the software modules 230 can be downloaded over a network to the storage 290 from another device or system via the communication interface 255 for use within the payment processing system 100 .
- program code stored in a computer readable storage device in a server can be downloaded over a network from the server to the storage 290 .
- database 280 contains and/or maintains various data items and elements that are utilized throughout the various operations of the payment processing system 100 , including but not limited to, PIN numbers and user account information, as will be described in greater detail herein. It should be noted that although the database 280 is depicted as being configured locally to the computing device 205 , in certain implementations the database 280 and/or various of the data elements stored therein can be stored on a computer readable memory or storage medium that is located remotely (such as on a remote server that is part of the payment network 120 or the financial institution networks 140 of FIG. 1 ) and connected to the computing device 205 through a network (not shown), in a manner known to those of ordinary skill in the art.
- a user interface 240 is also operatively connected to the processor.
- the interface can be one or more input device(s), such as switch(es), button(s), key(s), a touch-screen, as would be understood in the art of electronic computing devices.
- Interface serves to facilitate the capture of commands from the user, such as a user PIN number or user information and settings related to operation of the system for biometric authentication 100 .
- a display 250 is also operatively connected to the processor.
- the display 250 includes a screen or any other such presentation device that enables the system to instruct or otherwise provide feedback to the user regarding the operation of the payment processing system 100 .
- display 250 can be a digital display such as an LCD display, a CRT, or other such 2-dimensional display as would be understood by those skilled in the art.
- the user interface 240 and the display 250 can be integrated into a touch screen display.
- the display is also used to show a graphical user interface, which can display various data and provide “forms” that include fields that allow for the entry of information by the user. Touching the touch screen at locations corresponding to the display of a graphical user interface allows the person to interact with the device to enter data, control functions, etc. So when the touch screen is touched, interface communicates this change to processor, and settings can be changed or user entered information can be captured and stored in the memory.
- One or more electronic readers 260 can be operatively connected to the processor 210 .
- the electronic reader 260 serves to facilitate the capture of electronic information from the user, preferably, personal information, for example financial account information.
- the ATM can be equipped with a magnetic stripe reader for capturing user account information from a transaction card that is inserted into the reader 260 by the user.
- the electronic reader can also be an NFC-enabled reader that can read financial account information from an NFC tag presented by the user.
- the electronic reader in the context of a computer controlled door lock, can be an RFID tag reader that can obtain user identifying information from an RFID tag presented by the user.
- a communication interface 255 is also operatively connected to the processor 210 .
- the communication interface 255 can be any interface that enables communication between the ATM 205 and external devices, machines and/or elements.
- the communication interface 255 includes, but is not limited to, a modem, a Network Interface Card (NIC), an integrated network interface, a radio frequency transmitter/receiver (e.g., Bluetooth, cellular, NFC), a satellite communication transmitter/receiver, an infrared port, a USB connection, and/or any other such interfaces for connecting the computing device 205 to other computing devices and/or communication networks, such as private networks and the Internet.
- Such connections can include a wired connection or a wireless connection (e.g., using the 802.11 standard), though it should be understood that communication interface 255 can be practically any interface that enables communication to/from the processor 210.
- the computing device 205 can communicate with one or more remote computing devices, such as those servers controlled and/or maintained by one or more individuals and/or entities, such as a banking institution, payment provider or payment network. Such computing devices transmit and/or receive data to/from the computing device 205, thereby preferably initiating, maintaining, and/or enhancing the operation of the guided passcode entry system 100, as will be described in greater detail below.
- the remote computing devices can be in direct communication with the computing device 205 , indirect communication with the computing device 205 , and/or can be communicatively coordinated with the computing device 205 , as will be described in greater detail below.
- computing devices can be practically any device capable of communication with the computing device 205
- certain computing devices e.g., that of the payment network 120
- servers are servers, though it should be understood that practically any computing device that is capable of transmitting and/or receiving data to/from the computing device 205 could be similarly substituted.
- FIG. 3 is an exemplary flowchart depicting a process 400 for guided passcode entry according to an exemplary embodiment.
- the process begins at step 402 in which a user initiates a secure transaction by providing personally identifiable information to the computing device 205 .
- the user can present a transaction card to the ATM by inserting it into the electronic reader 260 .
- the ATM can receive the account information, such as an account number, account-holder name, and the like, read from the transaction card.
- the user can identify himself/herself by presenting an NFC communication device to the electronic reader 260 and wirelessly transmitting account information to the POS device.
- the user can initiate the secure transaction by entering a username.
- at step 405, responsive to initiation of the transaction, the processor 210 of computing device 205 executing one or more of the software modules 230, including, in certain implementations, the randomizer module 272, generates a “randomized” input sequence.
- each of the digits in the PIN has a prescribed input order (1st, 2nd, 3rd, 4th) and a corresponding position in the order, e.g., 1st: “7”, 2nd: “8”, 3rd: “9” and 4th: “2”.
- the configured processor can generate a “randomized” input sequence so as to create an input sequence that differs from the prescribed input order (1,2,3,4) and as such provides an additional level of security in case an onlooker or video camera were monitoring the user interface 240 and unlawfully recording the user entering the PIN at the computing device 205.
- the randomized input sequence need not be truly random and, for example, can be generated by the configured processor by using a pseudo-random number generator that randomly reorders the prescribed input order 1, 2, 3, 4 to an arbitrary input sequence, for example, 2, 4, 1, 3.
- the randomized input sequence is a non-repeating random sequence of digits in the range 1 to N, wherein N is the number of prescribed passcode characters and each digit corresponds to one of the prescribed positions in the prescribed input order.
- the randomized sequence does not omit any positions in the prescribed input order (as, for example, 2, 4, 4, 1 would, since it never prompts for position 3), such that each digit is entered by the user for comparison to the stored PIN.
- the sequence can be non-repeating, however, it should be understood that repeating input sequences and sequences that have more digits than the prescribed PIN can be generated, for example, 2, 4, 1, 1, 3.
- the randomized input sequence can be generated by the configured processor 210 of the computing device 205 or alternatively, by a remote server, for example, one that is part of the payment network 120 or the financial institution network 140 and transmitted via a communications network and received by the communication interface 255 .
- transmitting data (e.g., the input sequence or the user inputs) can be performed using communication protocols, including without limitation, Short Message Service, Unstructured Supplementary Service Data or Interactive Voice Response.
- the processor 210 executing one or more of the software modules 230 , including, in certain implementations, the user interface module 270 , can present the “randomized” input sequence to the user.
- the randomized input sequence 242 can be displayed by simply showing the re-ordered positions (e.g., 2, 4, 1, 3).
- the user is prompted to first input, on the user interface 240 (key-pad), the PIN digit that corresponds to the 2nd position in the prescribed input order, followed by the PIN digit that corresponds to the 4th position, followed by the PIN digit that corresponds to the first position and lastly the PIN digit that corresponds to the 3rd position in the prescribed input order.
- the randomized input sequence is presented to a user on a display 250 or area of the display 250 that is separate from the user interface 240 (e.g., key-pad) where the user enters the PIN because fraudsters typically focus a camera or attempt to view the user interface as opposed to the user interface and the display.
- alternative output devices can be used to present information to the user and receive input from the user via the computing device, for example, audio input/output devices or tactile input/output devices as would be understood by those skilled in the art.
- the processor 210 which is configured by executing one or more of software modules 230 , including, in certain implementations, the user interface module 270 , receives an input of the user's PIN.
- the received PIN is input by the user into the user interface 240 (e.g., key-pad) of the computing device 205 and received as a plurality of “received PIN digits” each having a received position corresponding to the order in which they were input by the user and received by the configured processor 210 .
- FIG. 5A depicts an alternative manner of prompting the user to input the user's PIN according to the randomized input sequence (e.g., PIN digit positions 2, 4, 1, 3) and receiving the user input.
- the configured processor can present on the display 250 , a form that includes a plurality of distinct areas 251 - 254 , which in this example are boxes.
- each of the boxes corresponds to one of the positions in the prescribed input order.
- the prescribed input order is typically PIN digit positions (1, 2, 3, 4).
- Display of the boxes in the exemplary left to right arrangement is similar to how a conventional ATM displays blanks, dashes, boxes or other such indicators alerting the user that each area corresponds to a digit of the PIN to be entered by the user.
- the leftmost area 251 corresponds to the first position in the prescribed input order (i.e., first digit of the user's PIN)
- area 252 corresponds to the second position (i.e., second digit of the user's PIN)
- area 253 corresponds to the third position (i.e., third digit of the user's PIN)
- area 254 corresponds to the fourth position in the prescribed input order (i.e., fourth digit of the user's PIN).
- the configured processor can prompt the user to input the user's PIN according to the randomized input sequence by highlighting the boxes according to the randomized input sequence (PIN positions 2, 4, 1, 3). Since the first PIN digit to be entered according to the rearranged input sequence is the PIN digit that is normally in the 2nd position, as shown in FIG. 5A, the second area 252 is highlighted to prompt the user to input the PIN digit which corresponds to the 2nd position in the prescribed input order. As depicted in FIG. 5B, after receipt of the user input, the configured processor can highlight another distinct area according to the randomized input sequence. In this example, the fourth area 254 is highlighted to prompt the user to input the PIN digit which corresponds to the 4th position. This process can be repeated iteratively for the entire randomized input sequence.
- each digit in the randomized input sequence can be displayed on a different portion of the screen so as to make it more difficult for an onlooker to view the input sequence.
- the randomized sequence can be provided to the user via an alternative means to the display 250.
- one or more notifications (such as an e-mail or SMS message) containing the sequence can be generated and/or transmitted to the user.
- the processor 210, which is configured by executing one or more of the software modules 230, including, in certain implementations, the authentication module 274, verifies that the PIN matches a PIN stored in the database. More specifically, the configured processor can test the received data against a database of PINs associated with a plurality of account holders for an exact match. The testing step can include comparing the received PIN digits to the particular PIN associated with the account holder (e.g., the user) stored in the database 280. The received PIN is compared in accordance with the randomized input sequence and in regard to the order that the input data was received.
- the configured processor can query the database 280 for the prescribed PIN number stored therein and associated with the account information.
- the prescribed PIN can be stored in the database 280 as an entry in an account association table.
- the account association table can include information such as card numbers, account numbers, prescribed PINS, security codes, account holder names, and the like.
- each prescribed PIN is stored in a prescribed input order. For each of the received PIN digits having a particular received position, verification includes comparing the received PIN digit to the prescribed PIN digit having a prescribed position that is equivalent to the particular received position transposed according to the randomized input sequence.
- the received PIN digits can be re-ordered according to the randomized input sequence prior to comparing the received PIN digits to the particular PIN associated with the account information.
- the re-ordered received PIN digits can be directly compared to the corresponding prescribed PIN digits.
- the computing device 205 and/or remote computing devices can verify whether the received PIN matches a prescribed PIN stored in the database.
- one or more steps involved in verifying a PIN, e.g., re-ordering and/or comparing, can also be performed by the computing device 205 and/or a remote computing device.
- the computing device 205 can re-order the received PIN according to the randomized input sequence and transmit the re-ordered received PIN to a remote computing device for comparison to the particular PIN associated with the account holder.
- the verification/testing of a received passcode with stored passcodes can be performed using a hardware security module (HSM) residing in the payment network 120 and/or financial institution network 140 (not shown).
- the HSM receives (1) the received PIN and (2) an encrypted PIN previously stored in a memory (e.g., a database), and the HSM outputs the result of testing/verification.
- various computing devices or modules can perform the testing step in accordance with the disclosed embodiments.
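The re-ordering and comparison described above, as an added Python example (not code from the patent): it draws a non-repeating input sequence, maps the keyed digits back to the prescribed order, and tests them against the stored PIN. The function names, the use of `secrets` and `hmac.compare_digest`, and the plaintext stored PIN are assumptions; the PIN "7892" and the sequence 2, 4, 1, 3 are the page's own sample values.

```python
import hmac
import itertools
import secrets


def generate_input_sequence(n):
    """Return a non-repeating random ordering of prescribed positions 1..n.

    Assumption: a CSPRNG-backed shuffle; the page only calls for a
    pseudo-random number generator. The draw is repeated until it differs
    from the prescribed order 1..n.
    """
    if n < 2:
        raise ValueError("need at least two positions to re-order")
    prescribed = list(range(1, n + 1))
    rng = secrets.SystemRandom()
    while True:
        sequence = prescribed[:]
        rng.shuffle(sequence)
        if sequence != prescribed:
            return sequence


def reorder_received(received, sequence):
    """Put the k-th keyed character back at prescribed position sequence[k]."""
    n = len(sequence)
    if len(received) != n or sorted(sequence) != list(range(1, n + 1)):
        # Rejects repeated or omitted positions such as 2, 4, 4, 1.
        raise ValueError("sequence must cover each position exactly once")
    restored = [""] * n
    for char, position in zip(received, sequence):
        restored[position - 1] = char
    return "".join(restored)


def verify_pin(received, sequence, prescribed_pin):
    """Exact-match test of the received characters against the stored PIN."""
    try:
        restored = reorder_received(received, sequence)
    except ValueError:
        return False
    # Constant-time comparison. Simplification: the stored PIN is plaintext
    # here; the page describes an HSM testing against an encrypted PIN.
    return hmac.compare_digest(restored.encode(), prescribed_pin.encode())


def candidate_pins(observed_keys):
    """PINs consistent with observed keystrokes when the prompt was not seen."""
    return {"".join(p) for p in itertools.permutations(observed_keys)}


if __name__ == "__main__":
    pin = "7892"                      # sample PIN used on the page
    shown = [2, 4, 1, 3]              # sequence from the page's FIG. 5A example
    keyed = "".join(pin[p - 1] for p in shown)
    print(keyed, verify_pin(keyed, shown, pin))          # 8279 True
    # Replaying the same keystrokes under a fresh sequence fails.
    print(verify_pin(keyed, [3, 1, 4, 2], pin))          # False
    # Residual guessing space for an observer who saw only the keys.
    print(len(candidate_pins(keyed)), len(candidate_pins("1212")))  # 24 6
```

The protection holds only while the displayed sequence stays hidden from the observer, since the mapping in `reorder_received` is not secret. For a 4-digit PIN the keystrokes alone leave at most 24 candidate orderings, and fewer when digits repeat.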
- the processor 210 which is configured by executing one or more of the software modules 230 , including, in certain implementations, the authentication module 274 , causes the secure transaction at the terminal to advance in response to any exact match of the received PIN to the prescribed PIN. Advancing the transaction can include authorizing the transaction, displaying user options and the like as would be understood by those skilled in the art.
- the configured processor can cause the display 250 to notify the user with an error message and can prompt the user to re-enter the user's PIN according to the previously generated randomized sequence.
- the configured processor can repeat steps 415-425 or variations thereof.
- the references herein to ATM transactions should be understood to be exemplary, and thus non-limiting. As such, it can be further appreciated that the methods and systems described herein can be readily adapted towards the facilitation of the receipt of a PIN, for example at a point of sale device where a payment card or NFC device is used. Additionally, it should be understood that payment processing system 100 is referred to as such in the interests of simplicity and clarity, however, in certain implementations, payment processing system 100 can be configured such that it enables any number of operations described herein (e.g., generating a randomized input sequence, authenticating, etc.), even if such operations do not directly pertain to payment processing transactions.
- one or more computer programs, modules, and/or applications that when executed perform methods of the present invention need not reside on a single computer or processor, but can be distributed in a modular fashion amongst a number of different computers or processors to implement various aspects of the systems and methods disclosed herein.
- each block in the flowchart or block diagrams can represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
- the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
Description
- This specification relates to the field of secure computing systems and, in particular, to facilitating secure entry of passcodes for authentication, identification, or verification of an account holder.
- Automated Teller Machines (ATMs) provide an interface that allows credit card and debit card users to receive and/or deposit funds. During typical use of ATMs, and other transaction systems like a merchant point-of-sale device (POS), a user typically provides a transaction card, such as a debit card and/or credit card having account information embedded therein. The account information can include a card number, the account holder's name, and the like. To complete the transaction, the user often has to enter in a secure passcode such as a personal identification number (PIN) to authenticate the transaction.
- One issue with ATMs is that they are vulnerable to fraud. Fraudsters often attach scanning devices to an ATM to read a transaction card and record the embedded account information, and also obtain the user's PIN number by watching or recording video of the user entering the PIN on the ATM keypad. Once the fraudster has the account information and PIN, the fraudster has access to the user's account. Other systems in which a user enters a password, PIN, log-in or other private information are similarly susceptible to fraud. For example, a fraudster can obtain a user's secure website log-in and password by watching the user input the private information on a computer.
- Accordingly, there is a need for systems and methods that are less susceptible to fraud from recording or viewing a user entering his or her private passcodes.
- It is with respect to these and other considerations that the disclosure made herein is presented.
- Technologies are presented herein in support of systems and methods for guided entry of a passcode. The method includes displaying a randomized input sequence on a screen of a terminal, such as an ATM or computing device. The method also includes receiving input data at the terminal from an account holder comprising characters of the passcode input in an order. The method also includes causing a test (e.g., a verification) of the input data against a database of passcodes associated with account holders. Each passcode associated with an account holder includes a plurality of prescribed passcode characters having a prescribed position in a prescribed input order. The testing step includes comparing the characters of the input data to a particular passcode associated with the account holder stored in the database. Because the input data was entered by the user according to the randomized input sequence, the input data is compared in accordance with the randomized input sequence, and in regard to the order that the input data was received. The method also includes advancing the secure transaction at the terminal in response to any exact match of the received input data to the particular passcode.
- In one implementation, the step of establishing the randomized input sequence can include generating the randomized input sequence at the terminal or at a remote server, using, for example, a pseudo-random number generator.
- In another implementation, the randomized input sequence is a randomly arranged sequence of digits in the range 1 to N, wherein N is the number of prescribed passcode characters and wherein each digit is equivalent to one of the prescribed positions in the prescribed input order. Moreover, displaying the randomized input sequence can include iteratively displaying each of the digits according to the randomly arranged sequence. Accordingly the account holder is prompted to enter, for each of the displayed digits, a particular prescribed passcode character having a particular prescribed position that is equivalent to the displayed digit.
- These and other aspects, features, and advantages can be appreciated from the accompanying description of certain embodiments of the disclosure and the accompanying drawing figures and claims.
- FIG. 1 is a high-level diagram illustrating an exemplary electronic transaction system in accordance with at least one embodiment disclosed herein;
- FIG. 2 is a block diagram of a computing device in accordance with at least one embodiment disclosed herein;
- FIG. 3 is a flow diagram showing a routine that illustrates a broad aspect of a method for guided passcode entry in accordance with at least one embodiment disclosed herein;
- FIG. 4 depicts an exemplary display of a randomized input sequence on an ATM, in accordance with at least one embodiment disclosed herein;
- FIG. 5A depicts an exemplary display of a randomized input sequence on an ATM, in accordance with at least one embodiment disclosed herein; and
- FIG. 5B depicts an exemplary display of a randomized input sequence on an ATM, in accordance with at least one embodiment disclosed herein.
- By way of overview and introduction, various systems and methods are described herein that facilitate and enable guided entry of a passcode, for example a personal identification number (“PIN”) in connection with a secure transaction. The exemplary guided passcode entry system provides additional security to traditional secret PIN or password entry systems by generating a randomized input sequence (order of entry) and prompting the user to input the PIN according to the randomized input sequence, and authorizes the transaction according to the received PIN. Accordingly, a fraudster who obtains the digits of a user's PIN will not automatically know the particular order of entry and cannot gain access to the user's account as easily as in traditional PIN entry systems. Transaction terminals implementing user-account and secret PIN entry authorization process, including ATM's, point-of-sale systems, secure access points (e.g., electronically locked doors), and other computing devices, are widely implemented. The embodiments disclosed herein improve the security of using such terminals through modification of the PIN entry process, thereby providing improved security with a relatively low barrier to implementation.
- FIG. 1 depicts an exemplary computer implemented secure transaction system, which in this example is an ATM transaction system 100 (hereinafter “payment processing system 100”) that includes ATM terminals 110 (hereinafter “ATMs 110”), a payment network 120, and financial institution networks 140. It should be understood that intermediate networks, such as telecommunications network 131, can exist between the ATMs and the payment networks and financial institution networks. It should also be understood that the payment network 120 and financial institution networks 140 are not required to be separate components and can be combined into one or more back end system servers.
- The payment processing system 100 can facilitate ATM transactions initiated by users of the ATMs 110. For example, a user can present a transaction card to be read at one of the ATMs 110 and can interact with the ATM to carry out transactions for receiving funds dispensed from the ATM, depositing funds into the ATM, receiving balance or statement information, electronic transfers of funds between accounts, and the like.
- Transaction cards can include debit cards, credit or prepaid cards having account information embedded therein. The account information can include a card number, the account holder's name, a card verification code, and the like. A debit card is a transaction card issued for a demand deposit account. A credit card is a transaction card issued for a credit card account. A prepaid card is a transaction card issued for a pre-funded account. Transaction cards can be formed using, for example, a plastic card with a magnetic stripe embedded with account information disposed thereon. The magnetic stripes can be swiped at the ATM to allow the ATM to read the account information from the transaction cards.
- The ATMs 110 can be configured to facilitate ATM transactions via the payment network 120 and the financial institution networks 140. The ATMs 110 read account information from transaction cards. To ensure that the user is the individual associated with the account information, the ATM can request the user to enter a personal identification number (PIN). The ATM can be configured to allow a user to submit transaction requests including cash withdrawals from accounts, cash or check deposits into accounts, fund transfers between accounts, balance inquiries for accounts, cash advances from accounts, and the like.
- The ATM transfers the transaction requests to the payment network 120 for processing. The payment network 120 is communicatively coupled to the ATMs and the financial institution networks 140 to facilitate processing of ATM transactions. The payment network 120 can route transaction requests from the ATMs 110 to the appropriate financial institution network based on the transaction information included in the transaction request and can route transaction responses from the financial institution network to the ATMs 110. As shown, the payment network 120 can include debit switches 122, which are electronic devices in the payment network 120 for routing ATM transaction requests and ATM transaction responses between the ATMs 110 and the financial institution networks 140. The debit switches 122 interface with the ATMs 110 to provide initial processing of a transaction request by the payment network 120 and to forward a transaction response to the ATMs 110. The debit switches 122 are configured to route the transaction requests through the payment network 120 and ultimately to the appropriate one of the financial institution networks 140. The debit switches 122 can use transaction information included in the transaction request to determine how a transaction request should be routed. For example, the debit switches 122 can use at least a portion of the card number, such as a bank identification number (BIN), read from the user's transaction card by the ATM. A BIN typically includes the first six numbers of a transaction card number and can identify the financial institution that issued the transaction card, as well as the type of transaction card being used (e.g., credit, debit, prepaid).
In some embodiments, the debit switches 122 can use transaction routing tables and/or account association tables, which can be stored in the debit switches 122 and/or stored separate from the debit switches in one or more database devices 124 that are accessible by the debit switches 122, to determine the routing path and to determine to which one of the financial institution networks 140 the transaction requests should be routed. The transaction routing table can include route information identifying one or more routes a transaction request and/or transaction response can travel to reach a destination, such as a financial institution network or an ATM. The account association table can include account information, such as card numbers, account numbers, PINs, security codes, cardholder names, and the like. Accounts included in the account association table can allow a user to perform non-traditional ATM transactions.
- The financial institution networks 140 can include one or more servers 142 to receive and process the transaction requests routed to them from the payment network 120, and to generate transaction responses to the transaction requests in accordance with rules and/or other predetermined parameters established by the financial institutions associated with the financial institution networks. The servers 142 are implemented using computing devices. In one embodiment, cardholders can have accounts, such as demand deposit accounts 144, including checking accounts and/or saving accounts, and/or can have credit card accounts 146 with one or more of the financial institutions associated with the financial institution networks 140.
- The financial institution networks 140 can determine whether to process or deny/block the transaction requests received from the payment network 120. For example, as a preliminary matter, the financial institution network 140 (or alternatively the payment network 120) can determine whether to process or deny the transaction request by verifying whether the entered PIN matches a prescribed PIN that is stored in association with the cardholder's account information. The prescribed PIN can be stored in one or more databases accessible by the financial institution network 140, for example, as an entry in an account association table. After the entered PIN is verified, the transaction request is further processed as would be understood by those skilled in the art. If the transaction is denied, a transaction response corresponding to the denial is transmitted to the ATM via the payment network 120. If the transaction request is accepted, a transaction response corresponding to the acceptance is transmitted to the ATM via the payment network 120. If the transaction request is approved, the financial institution can update the cardholder's account to reflect the transaction. By way of non-limiting example, if a user withdraws funds from a demand deposit account, the financial institution network can deduct the amount of the funds from the user's demand deposit account. Upon relaying the transaction response to the ATM, the ATM performs the service requested from the user, such as, for example, dispensing funds, accepting funds for deposit, providing an account balance, providing an account statement, and the like.
- It should be noted that although much of the foregoing description has been directed to systems for processing ATM transactions using a debit card, the particular arrangement of networks (e.g., payment network 120, communication network 131, and financial institution networks 140), computing devices (e.g., ATM 110, debit switches 122 and servers 142) and the transaction processing steps are presented as a non-limiting, exemplary environment in which the systems and methods for facilitating guided passcode entry disclosed herein can be employed. It can be appreciated that the arrangement of computing devices and transaction processing steps can vary according to the particular type of secure transaction (e.g., credit card, debit card, pre-paid card, NFC payment, electronic wallet, secure user log-in), as would be understood by those skilled in the art.
- FIG. 2 is a high-level diagram illustrating an exemplary configuration of a computing device 205 that facilitates guided passcode entry in conjunction with a secure transaction processing system, for example, payment processing system 100. In one arrangement, computing device 205 can be an ATM (e.g., ATM 110 in FIG. 1). In other implementations, computing device 205 can be a server (not shown) that is part of the payment network 120 or financial institution networks 140. As a further alternative, computing device can be a personal computing device of a user, a point of sale (POS) device, such as a merchant POS device, a laptop computer, or a mobile device/smartphone, though it should be understood that computing device 205 can be practically any computing device and/or data processing apparatus capable of embodying the systems and/or methods described herein. It should also be understood that the systems and methods described herein are not limited to transaction processing systems and can be implemented in any computing environment that requires securely receiving private information from a user, preferably, for the purpose of verifying, authenticating or identifying the user according to the private information. It should also be understood that a passcode can include any log-in, private word, private key, PIN number or any such private string of characters, words or phrases known by a user and used for authentication, verification or identification.
- Exemplary computing device 205 includes a processor 210 which is operatively connected to various hardware and software components that serve to enable operation of the payment processing system 100. The processor 210 serves to execute instructions to perform various operations relating to guided passcode entry and transaction processing as will be described in greater detail below. The processor 210 can be a number of processors, a multi-processor core, or some other type of processor, depending on the particular implementation.
- In certain implementations, a memory 220 and/or a storage medium 290 are accessible by the processor 210, thereby enabling the processor 210 to receive and execute instructions stored on the memory 220 and/or on the storage 290. The memory 220 can be, for example, a random access memory (RAM) or any other suitable volatile or non-volatile computer readable storage medium. In addition, the memory 220 can be fixed or removable. The storage 290 can take various forms, depending on the particular implementation. For example, the storage 290 can contain one or more components or devices such as a hard drive, a flash memory, a rewritable optical disk, a rewritable magnetic tape, or some combination of the above. The storage 290 also can be fixed or removable.
- One or more software modules 230 are encoded in the storage 290 and/or in the memory 220. The software modules 230 can comprise one or more software programs or applications having computer program code or a set of instructions executed in the processor 210. Such computer program code or instructions for carrying out operations for aspects of the systems and methods disclosed herein can be written in any combination of one or more programming languages, as would be understood by those skilled in the art. The program code can execute entirely on the computing device 205 as a stand-alone software package, partly on the computing device 205 and partly on a remote computing device, such as a payment network 120 server or a financial institution network 140 server (not shown), or entirely on such remote servers. In the latter scenario, the remote computer can be connected to the computing device 205 through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection can be made to an external computer (for example, through the Internet using an Internet Service Provider).
- Preferably, included among the software modules 230 is a user interface module 270, an input randomizer module 272, an authentication module 274, a database module 276, and a communication module 278 that are executed by the processor 210.
- It should be understood that in some illustrative embodiments, one or more of the software modules 230 can be downloaded over a network to the storage 290 from another device or system via the communication interface 255 for use within the payment processing system 100. For instance, program code stored in a computer readable storage device in a server can be downloaded over a network from the server to the storage 290.
- Also preferably stored on the storage 290 is a database 280. As will be described in greater detail below, database 280 contains and/or maintains various data items and elements that are utilized throughout the various operations of the payment processing system 100, including but not limited to, PIN numbers and user account information, as will be described in greater detail herein. It should be noted that although the database 280 is depicted as being configured locally to the computing device 205, in certain implementations the database 280 and/or various of the data elements stored therein can be stored on a computer readable memory or storage medium that is located remotely (such as on a remote server that is part of the payment network 120 or the financial institution networks 140 of FIG. 1) and connected to the computing device 205 through a network (not shown), in a manner known to those of ordinary skill in the art.
- A user interface 240 is also operatively connected to the processor. The interface can be one or more input device(s), such as switch(es), button(s), key(s), a touch-screen, as would be understood in the art of electronic computing devices. Interface serves to facilitate the capture of commands from the user, such as a user PIN number or user information and settings related to operation of the system for biometric authentication 100.
- A display 250 is also operatively connected to the processor. The display 250 includes a screen or any other such presentation device that enables the system to instruct or otherwise provide feedback to the user regarding the operation of the payment processing system 100. By way of example, display 250 can be a digital display such as an LCD display, a CRT, or other such 2-dimensional display as would be understood by those skilled in the art.
- By way of further example, the user interface 240 and the display 250 can be integrated into a touch screen display. Accordingly, the display is also used to show a graphical user interface, which can display various data and provide “forms” that include fields that allow for the entry of information by the user. Touching the touch screen at locations corresponding to the display of a graphical user interface allows the person to interact with the device to enter data, control functions, etc. So when the touch screen is touched, interface communicates this change to processor, and settings can be changed or user entered information can be captured and stored in the memory.
- One or more electronic readers 260 can be operatively connected to the processor 210. The electronic reader 260 serves to facilitate the capture of electronic information from the user, preferably, personal information, for example financial account information. For example, in the context of an ATM, the ATM can be equipped with a magnetic stripe reader for capturing user account information from a transaction card that is inserted into the reader 260 by the user. By way of further example, in the context of a point of sale device, the electronic reader can also be a NFC-enabled reader that can read financial account information from a NFC tag presented by the user. By way of further example, in the context of a computer controlled door lock, the electronic reader can be an RFID tag reader that can obtain user identifying information from an RFID tag presented by the user.
- A communication interface 255 is also operatively connected to the processor 210. The communication interface 255 can be any interface that enables communication between the ATM 205 and external devices, machines and/or elements. In certain implementations, the communication interface 255 includes, but is not limited to, a modem, a Network Interface Card (NIC), an integrated network interface, a radio frequency transmitter/receiver (e.g., Bluetooth, cellular, NFC), a satellite communication transmitter/receiver, an infrared port, a USB connection, and/or any other such interfaces for connecting the computing device 205 to other computing devices and/or communication networks, such as private networks and the Internet. Such connections can include a wired connection or a wireless connection (e.g., using the 802.11 standard) though it should be understood that communication interface 255 can be practically any interface that enables communication to/from the processor 210.
- At various points during the operation of the payment processing system 100, the computing device 205 can communicate with one or more remote computing devices, such as those servers controlled and/or maintained by one or more individuals and/or entities, such as a banking institution, payment provider or payment network. Such computing devices transmit and/or receive data to/from the computing device 205, thereby preferably initiating, maintaining, and/or enhancing the operation of the guided passcode entry system 100, as will be described in greater detail below. It should be understood that the remote computing devices can be in direct communication with the computing device 205, indirect communication with the computing device 205, and/or can be communicatively coordinated with the computing device 205, as will be described in greater detail below. While such computing devices can be practically any device capable of communication with the computing device 205, in the preferred embodiment certain computing devices (e.g., that of the payment network 120) are servers, though it should be understood that practically any computing device that is capable of transmitting and/or receiving data to/from the computing device 205 could be similarly substituted.
- The operation of the payment processing system 100 and the various elements and components described above will be further appreciated with reference to the method for facilitating guided passcode entry for facilitating a secure transaction as described below, in conjunction with FIGS. 3-6B.
- FIG. 3 is an exemplary flowchart depicting a process 400 for guided passcode entry according to an exemplary embodiment. The process begins at step 402 in which a user initiates a secure transaction by providing personally identifiable information to the computing device 205. For example, in the context of an ATM, the user can present a transaction card to the ATM by inserting it into the electronic reader 260. The ATM can receive the account information, such as an account number, account-holder name, and the like, read from the transaction card. By way of further example, in the context of a POS device, the user can identify himself/herself by presenting a NFC communication device to the electronic reader 260 and wirelessly transmitting account information to the POS device. By way of further example, in the context of a user logging into a networked system, say, a secure website, the user can initiate the secure transaction by entering a username.
- Then at step 405, responsive to initiation of the transaction, the processor 210 of computing device 205 executing one or more of the software modules 230, including, in certain implementations, the randomizer module 272, generates a “randomized” input sequence.
- Traditionally, all PINS or passcodes, whether numerical or alphabetical have a prescribed input sequence where the characters are input serially from the first character in the sequence to the last. For example, a 4 digit user PIN number, say, “7892” is traditionally input serially, one number at a time starting with the first position in the input order, “7” followed by the second position, “8”, followed by the third position, “9” and lastly the fourth position, “2”. As such, each of the digits in the PIN have a prescribed input order (1st, 2nd, 3rd, 4th) and a corresponding position in the order, e.g., 1st—“7”, 2nd—“8”, 3rd—“9” and 4th—“2”.
- The configured processor can generate a “randomized” input sequence so as to create an input sequence that differs from the prescribed input order (1, 2, 3, 4) and as such provides an additional level of security in case an onlooker or video camera were monitoring the user interface 240 and unlawfully recording the user entering the PIN at the computing device 205. The randomized input sequence need not be truly random and, for example, can be generated by the configured processor by using a pseudo-random number generator that randomly reorders the prescribed input order 1, 2, 3, 4 to an arbitrary input sequence, for example, 2, 4, 1, 3. Preferably the randomized input sequence is a non-repeating random sequence of digits in the range 1 to N, wherein N is the number of prescribed passcode characters and each digit corresponds to one of the prescribed positions in the prescribed input order. Also, preferably, the randomized sequence does not omit any positions in the prescribed input order, as would, for example, 2, 4, 4, 1, such that each digit is entered by the user for comparison to the stored PIN. Also, the sequence can be non-repeating; however, it should be understood that repeating input sequences and sequences that have more digits than the prescribed PIN can be generated, for example, 2, 4, 1, 1, 3. In a 4-digit PIN, randomly re-ordering the sequence provides 256 different input sequences, thereby making it significantly more difficult for an individual who captures the user's PIN from a single transaction to guess the PIN while trying to fraudulently access the user's account and PIN information.
- It should be understood that the randomized input sequence can be generated by the configured processor 210 of the computing device 205 or alternatively, by a remote server, for example, one that is part of the payment network 120 or the financial institution network 140 and transmitted via a communications network and received by the communication interface 255. It should be understood that transmitting data (e.g., the input sequence or the user inputs) to and from the computing device can be performed using communication protocols, including without limitation, Short Message Service, Unstructured Supplementary Service Data or Interactive Voice Response.
- Then at step 410, the processor 210 executing one or more of the software modules 230, including, in certain implementations, the user interface module 270, can present the “randomized” input sequence to the user. For example, as depicted in FIG. 4, the randomized input sequence 242 can be displayed by simply showing the re-ordered positions (e.g., 2, 4, 1, 3). Accordingly, the user is prompted to first input, on the user interface 240 (key-pad), the PIN digit that corresponds to the 2nd position in the prescribed input order, followed by the PIN digit that corresponds to the 4th position, followed by the PIN digit that corresponds to the first position and lastly the PIN digit that corresponds to the 3rd position in the prescribed input order. Preferably, the randomized input sequence is presented to a user on a display 250 or area of the display 250 that is separate from the user interface 240 (e.g., key-pad) where the user enters the PIN because fraudsters typically focus a camera or attempt to view the user interface as opposed to the user interface and the display. It should be understood that alternative output devices can be used to present information to the user and receive input from the user via the computing device, for example, audio input/output devices or tactile input/output devices as would be understood by those skilled in the art.
- Then, at step 415, the processor 210, which is configured by executing one or more of software modules 230, including, in certain implementations, the user interface module 270, receives an input of the user's PIN. The received PIN is input by the user into the user interface 240 (e.g., key-pad) of the computing device 205 and received as a plurality of “received PIN digits” each having a received position corresponding to the order in which they were input by the user and received by the configured processor 210. Returning to the exemplary PIN, having the prescribed input order 1, 2, 3, 4 and corresponding prescribed PIN digit positions 1st—“7”, 2nd—“8”, 3rd—“9” and 4th—“2”, presenting the randomized input sequence 2, 4, 1, 3 to the user should elicit the user's entry, and receipt by the processor 210, of the received PIN digits 8, 2, 7, 9, in that order. In this example, the first position received PIN digit is “8”; the second position received PIN digit is “2”; the third position received PIN digit is “7”; and the fourth position received PIN digit is “9”.
- Turning briefly to FIG. 5A, an alternative manner of prompting the user to input the user's PIN according to the randomized input sequence (e.g., PIN digit positions 2, 4, 1, 3) and receiving the user input is depicted. As shown in FIG. 5A, the configured processor can present on the display 250 a form that includes a plurality of distinct areas 251-254, which in this example are boxes. Preferably, each of the boxes corresponds to one of the positions in the prescribed input order. As mentioned above, the prescribed input order is typically PIN digit positions (1, 2, 3, 4). Display of the boxes in the exemplary left to right arrangement is similar to how a conventional ATM displays blanks, dashes, boxes or other such indicators alerting the user that each area corresponds to a digit of the PIN to be entered by the user. In this example, the leftmost area 251 corresponds to the first position in the prescribed input order (i.e., first digit of the user's PIN), area 252 corresponds to the second position (i.e., second digit of the user's PIN), area 253 corresponds to the third position (i.e., third digit of the user's PIN), and area 254 corresponds to the fourth position in the prescribed input order (i.e., fourth digit of the user's PIN).
- In one implementation, the configured processor can prompt the user to input the user's PIN according to the randomized input sequence by highlighting the boxes according to the randomized input sequence (PIN positions 2, 4, 1, 3). Since the first PIN digit to be entered according to the rearranged input sequence is the PIN digit that is normally in the 2nd position, as shown in FIG. 5A, the second area 252 is highlighted to prompt the user to input the PIN digit which corresponds to the 2nd position in the prescribed input order. As depicted in FIG. 5B, after receipt of the user input, the configured processor can highlight another distinct area according to the randomized input sequence. In this example, the fourth area 254 is highlighted to prompt the user to input the PIN digit which corresponds to the 4th position. This process can be repeated iteratively for the entire randomized input sequence.
- It should be understood that alternative methods of displaying the input sequence or prompting user input are possible. For example, each digit in the randomized input sequence can be displayed on a different portion of the screen so as to make it more difficult for an onlooker to view the input sequence. Moreover, the randomized sequence can be provided to the user via an alternative means to the display 250. For example, one or more notifications (such as an e-mail or SMS message) containing the sequence can be generated and/or transmitted to the user.
- At step 420, the processor 210, which is configured by executing one or more of the software modules 230, including, in certain implementations, the authentication module 274, verifies that the PIN matches a PIN stored in the database. More specifically, the configured processor can test the received data against a database of PINs associated with a plurality of account holders for an exact match. The testing step can include comparing the received PIN digits to the particular PIN associated with the account holder (e.g., the user) stored in the database 280. The received PIN is compared in accordance with the randomized input sequence and in regard to the order that the input data was received.
- By way of illustration, in certain implementations, using the account information read from the user's debit card, the configured processor can query the database 280 for the prescribed PIN number stored therein and associated with the account information. For example, the prescribed PIN can be stored in the database 280 as an entry in an account association table. The account association table can include information such as card numbers, account numbers, prescribed PINs, security codes, account holder names, and the like. Preferably, each prescribed PIN is stored in a prescribed input order. For each of the received PIN digits having a particular received position, verification includes comparing the received PIN digit to the prescribed PIN digit having a prescribed position that is equivalent to the particular received position transposed according to the randomized input sequence.
- As an alternative, the received PIN digits can be re-ordered according to the randomized input sequence prior to comparing the received PIN digits to the particular PIN associated with the account information. As such, the re-ordered received PIN digits can be directly compared to the corresponding prescribed PIN digits.
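The following Python sketch is an added example, not code from the patent or its assignee. It walks steps 405 to 420 for the “7892” example: sequence generation, the digits a guided user keys in, and verification by re-ordering, including the repeated (2, 4, 1, 1, 3) and position-omitting (2, 4, 4, 1) sequences mentioned above. All function names are hypothetical, and comparing against a PIN held in clear is a simplifying assumption; the last two functions quantify what an onlooker who sees only the key presses can still infer.

```python
"""Guided passcode entry: sequence generation and verification (illustrative)."""
import hmac
import secrets
from itertools import permutations
from math import factorial


def generate_input_sequence(n):
    """Step 405: non-repeating ordering of positions 1..n that differs from 1..n."""
    if n < 2:
        raise ValueError("need at least two positions to reorder")
    prescribed = list(range(1, n + 1))
    rng = secrets.SystemRandom()  # OS CSPRNG; the text also permits a plain PRNG
    while True:
        sequence = prescribed[:]
        rng.shuffle(sequence)
        if sequence != prescribed:
            return sequence


def expected_entry(pin, sequence):
    """Step 415: the digits a legitimate user keys in when guided by `sequence`."""
    return "".join(pin[pos - 1] for pos in sequence)


def restore_prescribed_order(received, sequence, n):
    """Put each received digit back at its prescribed position.

    Returns None if the sequence omits a position (e.g. 2, 4, 4, 1), names a
    position outside 1..n, or a repeated position was keyed inconsistently.
    """
    if len(received) != len(sequence):
        return None
    slots = [None] * n
    for digit, pos in zip(received, sequence):
        if not 1 <= pos <= n:
            return None
        if slots[pos - 1] not in (None, digit):
            return None
        slots[pos - 1] = digit
    if None in slots:
        return None
    return "".join(slots)


def verify(received, sequence, stored_pin):
    """Step 420, re-ordering variant: restore the order, then compare exactly.

    Assumption: the stored PIN is available in clear here. The description
    notes that ATM deployments typically run this check inside an HSM
    against an encrypted PIN instead.
    """
    restored = restore_prescribed_order(received, sequence, len(stored_pin))
    if restored is None:
        return False
    return hmac.compare_digest(restored.encode(), stored_pin.encode())


def pins_consistent_with(observed):
    """PINs an onlooker cannot rule out after seeing only the key presses,
    assuming a non-repeating sequence that is never the prescribed order."""
    n = len(observed)
    prescribed = tuple(range(1, n + 1))
    return {restore_prescribed_order(observed, seq, n)
            for seq in permutations(prescribed) if seq != prescribed}


def sequence_counts(n):
    """n! non-repeating orderings versus n**n sequences when repeats are allowed."""
    return {"non_repeating": factorial(n), "repeats_allowed": n ** n}


if __name__ == "__main__":
    pin = "7892"            # sample PIN taken from the description's example
    seq = [2, 4, 1, 3]      # sample randomized input sequence from the description
    keyed = expected_entry(pin, seq)
    print(seq, keyed, verify(keyed, seq, pin))
    print(len(pins_consistent_with(keyed)), sequence_counts(4))
```

For a 4-digit PIN, the 256 figure corresponds to 4^4 sequences when positions may repeat, while non-repeating orderings number 4! = 24. Either way, the key presses alone still reveal which digits make up the PIN, so the sequence display must stay out of the onlooker's view for the scheme to help.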
- It should be understood that the computing device 205 and/or remote computing devices (e.g., back-end servers that are part of the payment network 120 and/or the financial institution network 140) can verify whether the received PIN matches a prescribed PIN stored in the database. Similarly, one or more steps involved in verifying a PIN, e.g., re-ordering and/or comparing, can also be performed by the computing device 205 and/or a remote computing device. For example, the computing device 205 can re-order the received PIN according to the randomized input sequence and transmit the re-ordered received PIN to a remote computing device for comparison to the particular PIN associated with the account holder.
- Typically, in ATM transactions, the verification/testing of a received passcode with stored passcodes can be performed using a hardware security module (HSM) residing in the payment network 120 and/or financial institution network 140 (not shown). The HSM receives (1) the received PIN and (2) an encrypted PIN previously stored in a memory (e.g., a database), and the HSM outputs the result of testing/verification. However, it should also be understood that various computing devices or modules can perform the testing step in accordance with the disclosed embodiments.
- At step 425, the processor 210, which is configured by executing one or more of the software modules 230, including, in certain implementations, the authentication module 274, causes the secure transaction at the terminal to advance in response to any exact match of the received PIN to the prescribed PIN. Advancing the transaction can include authorizing the transaction, displaying user options and the like as would be understood by those skilled in the art. In the event of a non-match, the configured processor can cause the display 250 to notify the user with an error message and can prompt the user to re-enter the user's PIN according to the previously generated randomized sequence. Alternatively, in the event of failure, the configured processor can repeat steps 415-425 or variations thereof.
- At this juncture, it should be noted that although much of the foregoing description has been directed to systems and methods for guided passcode entry to facilitate secure transactions, the systems and methods disclosed herein can be similarly deployed and/or implemented in scenarios, situations, and settings far beyond the referenced scenarios. It can be readily appreciated that the systems and methods for facilitating guided passcode entry described in the context of a payment processing system 100 can be effectively employed in practically any scenario where entry of a PIN number, log-in, password or other such sensitive information is done in an open or public space where it is more challenging to enter such sensitive information in a secure manner. It should be further understood that any such implementation and/or deployment is within the scope of the systems and methods described herein. Moreover, the references herein to ATM transactions should be understood to be exemplary, and thus non-limiting. As such, it can be further appreciated that the methods and systems described herein can be readily adapted towards the facilitation of the receipt of a PIN, for example at a point of sale device where a payment card or NFC device is used. Additionally, it should be understood that payment processing system 100 is referred to as such in the interests of simplicity and clarity, however, in certain implementations, payment processing system 100 can be configured such that it enables any number of operations described herein (e.g., generating a randomized input sequence, authenticating, etc.), even if such operations do not directly pertain to payment processing transactions.
- It is to be understood that like numerals in the drawings represent like elements through the several figures, and that not all components and/or steps described and illustrated with reference to the figures are required for all embodiments or arrangements.
It should also be understood that the embodiments, implementations, and/or arrangements of the systems and methods disclosed herein can be incorporated as a software algorithm, application, program, module, or code residing in hardware, firmware and/or on a computer useable medium (including software modules and browser plug-ins) that can be executed in a processor of a computer system or a computing device to configure the processor and/or other elements to perform the functions and/or operations described herein. It should be appreciated that according to at least one embodiment, one or more computer programs, modules, and/or applications that when executed perform methods of the present invention need not reside on a single computer or processor, but can be distributed in a modular fashion amongst a number of different computers or processors to implement various aspects of the systems and methods disclosed herein.
- Thus, illustrative embodiments and arrangements of the present systems and methods provide a computer implemented method, computer system, and computer program product for facilitating guided passcode entry. The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments and arrangements. In this regard, each block in the flowchart or block diagrams can represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
- The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises” and/or “comprising”, when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
- Also, the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting. The use of “including,” “comprising,” or “having,” “containing,” “involving,” and variations thereof herein, is meant to encompass the items listed thereafter and equivalents thereof as well as additional items.
- The subject matter described above is provided by way of illustration only and should not be construed as limiting. Various modifications and changes can be made to the subject matter described herein without following the example embodiments and applications illustrated and described, and without departing from the true spirit and scope of the present invention, which is set forth in the following claims.
Claims (19)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/060,726 US9082121B2 (en) | 2013-10-23 | 2013-10-23 | System and method for guided passcode entry |
US14/733,284 US9811829B2 (en) | 2013-10-23 | 2015-06-08 | System and method for guided passcode entry |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/060,726 US9082121B2 (en) | 2013-10-23 | 2013-10-23 | System and method for guided passcode entry |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/733,284 Continuation US9811829B2 (en) | 2013-10-23 | 2015-06-08 | System and method for guided passcode entry |
Publications (2)
Publication Number | Publication Date |
---|---|
US20150112872A1 (en) | 2015-04-23 |
US9082121B2 (en) | 2015-07-14 |
Family
ID=52827065
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/060,726 Active US9082121B2 (en) | 2013-10-23 | 2013-10-23 | System and method for guided passcode entry |
US14/733,284 Active 2033-11-05 US9811829B2 (en) | 2013-10-23 | 2015-06-08 | System and method for guided passcode entry |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/733,284 Active 2033-11-05 US9811829B2 (en) | 2013-10-23 | 2015-06-08 | System and method for guided passcode entry |
Country Status (1)
Country | Link |
---|---|
US (2) | US9082121B2 (en) |
Also Published As
Publication number | Publication date |
---|---|
US9811829B2 (en) | 2017-11-07 |
US9082121B2 (en) | 2015-07-14 |
US20150287035A1 (en) | 2015-10-08 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: MASTERCARD INTERNATIONAL INCORPORATED, NEW YORK Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SADIQ, MOHAMMED;REEL/FRAME:031458/0540 Effective date: 20131023 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 8 |